magento/project-community-edition vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the magento/project-community-edition package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Information Exposure	>=0.0.0
C Command Injection	>=0.0.0
H SQL Injection	>=0.0.0
H Incorrect Authorization	>=0.0.0
H SQL Injection	>=0.0.0
H XML Injection	>=0.0.0
H Incorrect Authorization	>=0.0.0
H Incorrect Authorization	>=0.0.0
C Improper Input Validation	>=0.0.0
C Command Injection	>=0.0.0
C Improper Neutralization of Special Elements Used in a Template Engine	>=0.0.0
M Access Control Bypass	>=0.0.0
M Incorrect Authorization	>=0.0.0
M Incorrect Authorization	>=0.0.0
M Incorrect Authorization	>=0.0.0
M Denial of Service (DoS)	>=0.0.0
M Denial of Service (DoS)	>=0.0.0
C Cross-site Scripting (XSS)	>=0.0.0
M Server-side Request Forgery (SSRF)	>=0.0.0
H XML Injection	>=0.0.0
M XML Injection	>=0.0.0
H Improper Input Validation	>=0.0.0
H SQL Injection	>=0.0.0
M Server-side Request Forgery (SSRF)	>=0.0.0
M Improper Input Validation	>=0.0.0
H Server-side Request Forgery (SSRF)	>=0.0.0
C Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Request Forgery (CSRF)	>=0.0.0
L Incorrect Authorization	>=0.0.0
C Cross-site Scripting (XSS)	>=0.0.0
M Access Control Bypass	>=0.0.0
M Missing Support for Integrity Check	>=0.0.0
H Improper Authorization	>=0.0.0
M Improper Check for Unusual or Exceptional Conditions	>=0.0.0
M Incorrect Authorization	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Access Control Bypass	>=0.0.0
M Access Control Bypass	>=0.0.0
M Access Control Bypass	>=0.0.0
M Access Control Bypass	>=0.0.0
H Information Exposure	>=0.0.0
M Access Control Bypass	>=0.0.0
H Access Control Bypass	>=0.0.0
H Improper Authorization	>=0.0.0
M Directory Traversal	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Time-of-check Time-of-use (TOCTOU) Race Condition	>=0.0.0
M Time-of-check Time-of-use (TOCTOU) Race Condition	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
C Improper Authorization	>=0.0.0

Vulnerability

Vulnerable Version

Information Exposure

>=0.0.0

Command Injection

>=0.0.0

SQL Injection

>=0.0.0

Incorrect Authorization

>=0.0.0

SQL Injection

>=0.0.0